Database Activity MonitoringBy Ericka Chickowski | Posted 2010-01-12 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Customers are floundering with PCI compliance mandates, but that's where the channel can step in. Savvy solution providers can cut through the complexity to help prioritize projects for customers and make money by focusing on the following seven areas.
Database Activity Monitoring
According to statistics compiled by PCI assessors at VeriSign, 70 percent of organizations that fail their PCI audits do so because they fail to monitor and track access to cardholder data. And where does most of that data reside? From where are auditors finding data is being accessed without any oversight? Why, yes, it is the database.
Database activity monitoring (DAM) tools are on their ascendancy within the overall security market--one needs only look at the $225 million IBM acquisition of Guardium late in 2009 to see that. At the moment, though, a scant 13 percent of laggard organizations use DAM to comply with PCI. Even among best-in-class organizations DAM usage is only at 42 percent.